Bagisto · Bagisto · CVE-2026-21448
**Name of the Vulnerable Software and Affected Versions**
Bagisto versions prior to 2.3.10
**Description**
Bagisto, an open-source Laravel eCommerce platform, is susceptible to server-side template injection. While adding an address during an order, a normal customer can inject a value that executes within the admin view, potentially leading to remote code execution.
**Recommendations**
Update to version 2.3.10 or later.